The External CA Root Certificate must be installed into the Trusted Root Store.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-63583 | WN10-PK-000010 | SV-78073r1_rule | Medium |
| Description |
|---|
| To ensure secure websites protected with ECA server certificates on NIPRNet are properly validated, the system must trust the ECA Root CA 2. The ECA root certificate will ensure the trust chain is established for server certificates issued from the External CA. This requirement only applies to NIPRNet systems. |
| STIG | Date |
|---|---|
| Windows 10 Security Technical Implementation Guide | 2016-06-08 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-69513r1_fix) |
|---|
| Install the ECA root CA 2 certificate on NIPRNet systems only. The InstallRoot tool is available on IASE at http://iase.disa.mil/pki-pke/function_pages/tools.html. |